--- openssl-1.0.1c/apps/dgst.c.org	2012-02-11 01:46:19.000000000 +0900
+++ openssl-1.0.1c/apps/dgst.c	2012-08-02 14:47:31.368244214 +0900
@@ -74,6 +74,8 @@
 #undef PROG
 #define PROG	dgst_main
 
+int set_hex(char *in,unsigned char *out,int size); // defined in apps/enc.c
+
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	  EVP_PKEY *key, unsigned char *sigin, int siglen,
 	  const char *sig_name, const char *md_name,
@@ -126,6 +128,8 @@
 	char *engine=NULL;
 #endif
 	char *hmac_key=NULL;
+	char hmac_key_data[EVP_MAX_KEY_LENGTH];
+	int hmac_key_len = -1;
 	char *mac_name=NULL;
 	int non_fips_allow = 0;
 	STACK_OF(OPENSSL_STRING) *sigopts = NULL, *macopts = NULL;
@@ -226,6 +230,15 @@
 				break;
 			hmac_key=*++argv;
 			}
+		else if (!strcmp(*argv,"-hmachex"))
+			{
+			if (--argc < 1)
+				break;
+			hmac_key_len = strlen(*++argv) / 2;
+			if (!set_hex(*argv, hmac_key_data, sizeof hmac_key_data))
+				break;
+			hmac_key = hmac_key_data;
+			}
 		else if (!strcmp(*argv,"-mac"))
 			{
 			if (--argc < 1)
@@ -281,6 +294,7 @@
 		BIO_printf(bio_err,"-signature file signature to verify\n");
 		BIO_printf(bio_err,"-sigopt nm:v    signature parameter\n");
 		BIO_printf(bio_err,"-hmac key       create hashed MAC with key\n");
+		BIO_printf(bio_err,"-hmachex hexkey create hashed MAC with key in hex\n");
 		BIO_printf(bio_err,"-mac algorithm  create MAC (not neccessarily HMAC)\n"); 
 		BIO_printf(bio_err,"-macopt nm:v    MAC algorithm parameters or key\n");
 #ifndef OPENSSL_NO_ENGINE
@@ -410,7 +424,7 @@
 	if (hmac_key)
 		{
 		sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, e,
-					(unsigned char *)hmac_key, -1);
+					(unsigned char *)hmac_key, hmac_key_len);
 		if (!sigkey)
 			goto end;
 		}